The Agent Skills Directory

[CREDENTIALS_UNSAFE]: The skill manages a local device inventory file (devices.json) that stores sensitive connection details, including IP addresses, usernames, cleartext passwords, and paths to private SSH keys such as /home/user/.ssh/junos_key.
[COMMAND_EXECUTION]: Provides tools for executing arbitrary JunOS CLI commands and committing configuration changes, which are high-impact operations on production network infrastructure. Evidence includes the execute_junos_command, execute_junos_command_batch, and load_and_commit_config tools.
[EXTERNAL_DOWNLOADS]: Downloads the underlying MCP server from the official Juniper GitHub repository and requires multiple third-party Python libraries for network transport and parsing, such as paramiko, ncclient, and junos-eznc.
[PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface due to its data ingestion model. 1. Ingestion points: The agent processes CLI output, running configurations, and device facts retrieved from remote network devices. 2. Boundary markers: No explicit delimiters or instructional guardrails are defined in the tool definitions to isolate device-supplied data from the agent's reasoning. 3. Capability inventory: The skill has extensive capabilities including remote command execution, configuration modification, and local file access for inventory management. 4. Sanitization: There is no evidence of content sanitization or validation for data returned from network devices before it is integrated into the agent's context.

junos-network